<?php

require_once("/var/www/AppResiduos2/lib/model/Usuario.php");
require_once("/var/www/AppResiduos2/lib/dao/UsuarioDAO.php");



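/**
 * Controller for user accounts: handles the login and registration form posts.
 *
 * Both handlers read their input from $_POST and write their result straight
 * to the response with echo/die.
 */
class UsuarioControl
{
    // Usuario instance being registered; set by nuevoUsuario().
    public $usuario;

    /**
     * Checks the posted username/password against the stored account and, on
     * success, opens the authenticated session and includes the menu page.
     *
     * Reads $_POST['username'] and $_POST['password']. Writes
     * $_SESSION['username'] and $_SESSION['priv'] on success.
     *
     * @return void
     */
    public function login()
    {
        // session_start() has to send a cookie header, so it only works while
        // no output has been flushed to the client yet.
        session_start();

        $username = $this->campoPost('username');
        $password = $this->campoPost('password');

        if (!$username || !$password) {
            die("Please enter a username and a password");
        }

        $uDAO = new UsuarioDAO;
        $filas = $uDAO->obtenerUsuarioPorUsername($username);

        $cuenta = null;
        $autenticado = false;
        if (count($filas) != 0) {
            $cuenta = $filas[0];
            // Strict comparison: with a loose == two different numeric-looking
            // strings can compare equal.
            $autenticado = $username === (string) $cuenta->username
                && $this->verificarPassword($password, $cuenta->password);
        }

        if (!$autenticado) {
            // One response for "unknown user" and "wrong password" so the
            // login form does not reveal which usernames exist.
            // NOTE(review): nuevoUsuario() still reports "User already taken".
            echo "Incorrect username or password";
            return;
        }

        // Issue a fresh session id at the privilege change so an id that was
        // known before authentication cannot be reused afterwards.
        session_regenerate_id(true);

        $_SESSION["username"] = $username;
        $_SESSION['priv'] = $cuenta->privilege;
        require_once("/var/www/AppResiduos2/Menu.php");
    }

    /**
     * Ends the user's session.
     *
     * NOTE(review): not implemented. Nothing here clears $_SESSION or
     * destroys the session, so a logged-in session stays valid until it
     * expires on its own.
     *
     * @return void
     */
    public function logout()
    {
    }

    /**
     * Validates the posted registration form and stores the new account.
     *
     * Reads $_POST['submit'], ['fullname'], ['username'], ['password'] and
     * ['repeatpassword']. Echoes a validation message and returns when a
     * check fails; terminates the script with die() when the username is
     * taken or after a successful registration.
     *
     * @return void
     */
    public function nuevoUsuario()
    {
        $this->usuario = new Usuario;

        $submit = $this->campoPost('submit');

        // strip_tags() removes markup but is not output escaping: these values
        // still need htmlspecialchars() wherever they are rendered.
        $this->usuario->fullname = strip_tags($this->campoPost('fullname'));
        $this->usuario->username = strip_tags($this->campoPost('username'));

        // The password is never rendered, only hashed, so it is taken as typed.
        // Stripping tags here would store a hash of a different string than the
        // one login() hashes, locking out anyone whose password contains "<...>".
        $this->usuario->password = $this->campoPost('password');
        $repeatpassword = $this->campoPost('repeatpassword');

        $this->usuario->date = date("Y-m-d");
        // Every self-registered account gets privilege level 2 (the meaning of
        // the level is defined outside this file).
        $this->usuario->privilege = 2;

        if (!$submit) {
            return;
        }

        $uDAO = new UsuarioDAO;
        $existentes = $uDAO->obtenerUsuarioPorUsername($this->usuario->username);
        // NOTE(review): this check and the insert below are separate calls;
        // confirm the table has a unique index on username so two concurrent
        // requests cannot both pass it.
        if (count($existentes) != 0) {
            die("User already taken");
        }

        if (!$this->usuario->fullname || !$this->usuario->username
            || !$this->usuario->password || !$repeatpassword
        ) {
            echo "Please fill in <b>all</b> fields!";
            return;
        }

        // Strict comparison: "1000000" == "1e6" is true under loose ==.
        if ($this->usuario->password !== $repeatpassword) {
            echo "Your passwords do not match";
            return;
        }

        if (strlen($this->usuario->username) > 25 || strlen($this->usuario->fullname) > 25) {
            echo "Max limit for username/fullname are 25 characters";
            return;
        }

        if (strlen($this->usuario->password) > 25 || strlen($this->usuario->password) < 6) {
            echo "Password must be between 6 and 25 characters";
            return;
        }

        // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
        // password storage. It is kept here only because the stored format is
        // shared with existing rows and the column width is not visible from
        // this file. Migrating to password_hash()/password_verify() needs a
        // wider column and a rehash-on-login path for the legacy MD5 rows.
        $this->usuario->password = md5($this->usuario->password);

        $uDAO->nuevoUsuario($this->usuario);

        die("You have been registered! <a href='/AppResiduos2/Login.php'> Return to login page</a>");
    }

    /**
     * Returns a POST field as a string, or '' when it is missing or not a string.
     *
     * PHP turns "name[]=x" into an array; passing that on to md5(),
     * strip_tags() or the DAO raises warnings or type errors.
     *
     * @param string $nombre Field name in $_POST.
     * @return string
     */
    private function campoPost($nombre)
    {
        return (isset($_POST[$nombre]) && is_string($_POST[$nombre])) ? $_POST[$nombre] : '';
    }

    /**
     * Tells whether a plaintext password matches a stored MD5 hex digest.
     *
     * Uses hash_equals() so the comparison is strict (no numeric-string
     * juggling) and does not exit early at the first differing byte.
     *
     * @param mixed $password     Password as typed by the user.
     * @param mixed $hashGuardado Digest read from the user record.
     * @return bool False when either value is not a string.
     */
    private function verificarPassword($password, $hashGuardado)
    {
        if (!is_string($password) || !is_string($hashGuardado)) {
            return false;
        }

        return hash_equals($hashGuardado, md5($password));
    }
}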


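// Page entry point: prints the HTML shell and dispatches the posted 'accion'
// to the matching UsuarioControl handler.

// Buffer the page so that session_start() inside login() can still send its
// cookie header even though markup is echoed first. PHP flushes the buffer
// at script end, including when a handler terminates with die().
ob_start();

echo "<html>
        <head>
            <link rel='stylesheet' type='text/css' href='/AppResiduos2/scripts/prueba.css'/>
        </head>

        <body>
            <div class='pcpal'>";

$c = new UsuarioControl;

// Accept 'accion' only as a string. strcmp(...) == 0 treats a non-string
// value (e.g. an array from "accion[]=") as a match on older PHP versions and
// raises a TypeError on PHP 8; a strict comparison on a validated string
// avoids both.
$action = (isset($_POST['accion']) && is_string($_POST['accion'])) ? $_POST['accion'] : '';

if ($action === 'guardar') {
    $c->nuevoUsuario();
} elseif ($action === 'login') {
    $c->login();
}

echo "</div>
        </body>
    </html>";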



?>
